8.OpenStack网络组件
添加网络组件
安装和配置控制器节点
创建数据库
mysql -uroot -ptoyo123
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
IDENTIFIED BY 'toyo123';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
IDENTIFIED BY 'toyo123';
exit
创建服务凭据
source admin-openrc.sh
keystone user-create --name neutron --pass Abcd1234
keystone user-role-add --user neutron --tenant service --role admin
keystone service-create --name neutron --type network \
--description "OpenStack Networking"
keystone endpoint-create \
--service-id $(keystone service-list | awk '/ network / {print $2}') \
--publicurl http://controller:9696 \
--adminurl http://controller:9696 \
--internalurl http://controller:9696 \
--region regionOne
安装网络组件
yum install -y openstack-neutron openstack-neutron-ml2 python-neutronclient which
查询service
id下面编辑配置文件会用到
source admin-openrc.sh
keystone tenant-get service
编辑/etc/neutron/neutron.conf文件
mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf_bak
vim /etc/neutron/neutron.conf [database]
connection = mysql://neutron:toyo123@controller/neutron [DEFAULT]
rpc_backend = rabbit
rabbit_host = controller
rabbit_password = Abcd1234
auth_strategy = keystone
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
nova_url = http://controller:8774/v2
nova_admin_auth_url = http://controller:35357/v2.0
nova_region_name = regionOne
nova_admin_username = nova
nova_admin_tenant_id = 89bc1f42c0194ef4b1ff2dfea07caf2f
nova_admin_password = Abcd1234
verbose = True [keystone_authtoken]
auth_uri = http://controller:5000/v2.0
identity_uri = http://controller:35357
admin_tenant_name = service
admin_user = neutron
admin_password = Abcd1234 [neutron]
url = http://controller:9696
auth_strategy = keystone
admin_auth_url = http://controller:35357/v2.0
admin_tenant_name = service
admin_username = neutron
admin_password = Abcd1234
编辑 /etc/neutron/plugins/ml2/ml2_conf.ini文件
mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bak
vim /etc/neutron/plugins/ml2/ml2_conf.ini [ml2]
type_drivers = flat,gre
tenant_network_types = gre
mechanism_drivers = openvswitch [ml2_type_gre]
tunnel_id_ranges = : [securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
编辑/etc/nova/nova.conf
vim /etc/nova/nova.conf [DEFAULT]
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver [neutron]
url = http://controller:9696
auth_strategy = keystone
admin_auth_url = http://controller:35357/v2.0
admin_tenant_name = service
admin_username = neutron
admin_password = Abcd1234
完成安装
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade juno" neutron
systemctl restart openstack-nova-api.service openstack-nova-scheduler.service \
openstack-nova-conductor.service
systemctl enable neutron-server.service
systemctl restart neutron-server.service
验证
source admin-openrc.sh
neutron ext-list
安装和配置网络节点
配置内核网络参数
vim /etc/sysctl.conf
net.ipv4.ip_forward=
net.ipv4.conf.all.rp_filter=
net.ipv4.conf.default.rp_filter= sysctl -p
安装网络组件
yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch
编辑/etc/neutron/neutron.conf
mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf_bak
vim /etc/neutron/neutron.conf [DEFAULT]
rpc_backend = rabbit
rabbit_host = controller
rabbit_password = Abcd1234
auth_strategy = keystone
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
verbose = True [keystone_authtoken]
auth_uri = http://controller:5000/v2.0
identity_uri = http://controller:35357
admin_tenant_name = service
admin_user = neutron
admin_password = Abcd1234
编辑 /etc/neutron/plugins/ml2/ml2_conf.ini
mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bak vim /etc/neutron/plugins/ml2/ml2_conf.ini [ml2]
type_drivers = flat,gre
tenant_network_types = gre
mechanism_drivers = openvswitch [ml2_type_flat]
flat_networks = external [ml2_type_gre]
tunnel_id_ranges = : [securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver [ovs]
local_ip = 192.168.116.8
enable_tunneling = True
bridge_mappings = external:br-ex [agent]
tunnel_types = gre
编辑/etc/neutron/l3_agent.ini
mv /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini_bak vim /etc/neutron/l3_agent.ini [DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
external_network_bridge = br-ex
router_delete_namespaces = True
verbose = True
编辑/etc/neutron/dhcp_agent.ini
mv /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini_bak vim /etc/neutron/dhcp_agent.ini [DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
use_namespaces = True
dhcp_delete_namespaces = True
verbose = True
dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf
创建/etc/neutron/dnsmasq-neutron.conf并关掉dnsmasq进程
vim /etc/neutron/dnsmasq-neutron.conf dhcp-option-force=,
pkill dnsmasq
编辑/etc/neutron/metadata_agent.ini
mv /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini_bak
vim /etc/neutron/metadata_agent.ini [DEFAULT]
auth_url = http://controller:5000/v2.0
auth_region = regionOne
admin_tenant_name = service
admin_user = neutron
admin_password = Abcd1234
nova_metadata_ip = controller
metadata_proxy_shared_secret = METADATA_SECRET
verbose = True
编辑/etc/nova/nova.conf
mv /etc/nova/nova.conf /etc/nova/nova.conf_bak
vim /etc/nova/nova.conf [neutron]
service_metadata_proxy = True
metadata_proxy_shared_secret = Abcd1234
重启nova-api服务
systemctl restart openstack-nova-api.service
配置开放的vSwitch(OVS)服务
systemctl enable openvswitch.service
systemctl start openvswitch.service
ovs-vsctl del-br br-ex && ovs-vsctl add-br br-ex && ovs-vsctl add-port br-ex eth0 && reboot
创建ifcfg-br-ex
vim /etc/sysconfig/network-scripts/ifcfg-br-ex
DEVICE=br-ex
DEVICETYPE=ovs
TYPE=OVSBridge
ONBOOT=yes
OVSBOOTPROTO=none
IPADDR=192.168.116.8
PREFIX=24
DEFROUTE=yes
GATEWAY=192.168.116.1
DNS1="114.114.114.114"
编辑/etc/sysconfig/network-scripts/ifcfg-eth0
vim /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE="Ethernet"
BOOTPROTO="none"
DEFROUTE="yes"
NAME="eth0"
UUID="0e9ff19f-53db-4e78-ab16-a271ff92bd2b"
DEVICE="eth0"
ONBOOT="yes"
停止Gro并重启network服务
ethtool -K eth0 gro off && service network restart
创建ml2_conf.ini重定向并启动服务与设置开机自启动
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
cp /usr/lib/systemd/system/neutron-openvswitch-agent.service \
/usr/lib/systemd/system/neutron-openvswitch-agent.service.orig
sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' \
/usr/lib/systemd/system/neutron-openvswitch-agent.service
systemctl enable neutron-openvswitch-agent.service neutron-l3-agent.service \
neutron-dhcp-agent.service neutron-metadata-agent.service \
neutron-ovs-cleanup.service
systemctl restart neutron-openvswitch-agent.service neutron-l3-agent.service \
neutron-dhcp-agent.service neutron-metadata-agent.service \
neutron-ovs-cleanup.service
验证
source admin-openrc.sh
neutron agent-list
配置计算机节点网络
编辑/etc/sysctl.conf
vim /etc/sysctl.conf net.ipv4.conf.all.rp_filter=0 net.ipv4.conf.default.rp_filter=0 sysctl -p
安装网络组件
yum install -y openstack-neutron-ml2 openstack-neutron-openvswitch
编辑/etc/neutron/neutron.conf
mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf_bak
vim /etc/neutron/neutron.conf [DEFAULT]
rpc_backend = rabbit
rabbit_host = controller
rabbit_password = Abcd1234
auth_strategy = keystone
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
verbose = True [keystone_authtoken]
auth_uri = http://controller:5000/v2.0
identity_uri = http://controller:35357
admin_tenant_name = service
admin_user = neutron
admin_password = Abcd1234
编辑/etc/neutron/plugins/ml2/ml2_conf.ini
mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bak
vim /etc/neutron/plugins/ml2/ml2_conf.ini [ml2]
type_drivers = flat,gre
tenant_network_types = gre
mechanism_drivers = openvswitch [ml2_type_gre]
tunnel_id_ranges = : [securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver [ovs]
local_ip = 192.168.116.10
enable_tunneling = True [agent]
tunnel_types = gre
启动OVS服务并将其配置为开机自启动
systemctl enable openvswitch.service
systemctl restart openvswitch.service
编辑/etc/nova/nova.conf
vim /etc/nova/nova.conf [DEFAULT]
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver [neutron]
url = http://controller:9696
auth_strategy = keystone
admin_auth_url = http://controller:35357/v2.0
admin_tenant_name = service
admin_username = neutron
admin_password = Abcd1234
完成安装
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
cp /usr/lib/systemd/system/neutron-openvswitch-agent.service \
/usr/lib/systemd/system/neutron-openvswitch-agent.service.orig
sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' \
/usr/lib/systemd/system/neutron-openvswitch-agent.service
systemctl restart openstack-nova-compute.service
systemctl enable neutron-openvswitch-agent.service
systemctl restart neutron-openvswitch-agent.service
验证
source admin-openrc.sh
neutron agent-list
创建外部网络
source admin-openrc.sh
neutron net-create ext-net --router:external True \
--provider:physical_network external --provider:network_type flat
neutron subnet-create ext-net --name ext-subnet \
--allocation-pool start=192.168.116.240,end=192.168.116.250 \
--disable-dhcp --gateway 192.168.116.1 192.168.116.0/
创建租户网
source demo-openrc.sh
neutron net-create lan-net
neutron subnet-create lan-net --name lan-subnet \
--gateway 192.168.101.1 192.168.101.0/
neutron router-create lan-router
neutron router-interface-add lan-router lan-subnet
neutron router-gateway-set lan-router ext-net
创建路由器以便租户网可以连接外部
验证
ping 192.168.116.150
做了上面的ovs就不要做下面的传统网络
配置控制器节点
配置传统网络
编辑/etc/nova/nova.conf
重启服务
vim /etc/nova/nova.conf [DEFAULT]
network_api_class = nova.network.api.API
security_group_api = nova
systemctl restart openstack-nova-api.service openstack-nova-scheduler.service \
openstack-nova-conductor.service
配置计算机节点
安装网络组件
yum install -y openstack-nova-network openstack-nova-api
编辑 /etc/nova/nova.conf
vim /etc/nova/nova.conf [DEFAULT]
network_api_class = nova.network.api.API
security_group_api = nova
firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver
network_manager = nova.network.manager.FlatDHCPManager
network_size =
allow_same_net_traffic = False
multi_host = True
send_arp_for_ha = True
share_dhcp_address = True
force_dhcp_release = True
flat_network_bridge = eth0
flat_interface = eth0
public_interface = eth0
启动服务并配置为开机自启动
systemctl enable openstack-nova-network.service openstack-nova-metadata-api.service
systemctl restart openstack-nova-network.service openstack-nova-metadata-api.service
创建初始网络(192.168.116.25/29根据当前外网计算得出的这里的外网是指云主机获取到的ip可直接访问外网,生产环境中可将这里配置为从运营商那里获取到的ip段)
source admin-openrc.sh
nova network-create demo-net --bridge eth0 --multi-host T \
--fixed-range-v4 192.168.116.25/
验证
nova net-list
8.OpenStack网络组件的更多相关文章
- OpenStack云计算(一)——OpenStack 网络
关于OpenStack OpenStack它是 Rackspace Cloud 和 NASA 负责的一个开源基础架构即服务的云计算项目. OpenStack 是一个由开发者和云计算技术人员的全球协作开 ...
- 深入理解openstack网络架构(3)-----路由
原文地址: https://blogs.oracle.com/ronen/entry/diving_into_openstack_network_architecture2 译文转自:http://b ...
- 深入理解openstack网络架构(2)----Basic Use Cases
原文地址: https://blogs.oracle.com/ronen/entry/diving_into_openstack_network_architecture1 译文转自: http:// ...
- 深入理解openstack网络架构(1)
原文地址: https://blogs.oracle.com/ronen/entry/diving_into_openstack_network_architecture 译文转载自:http://b ...
- OpenStack网络的前世今生
声明: 本文转自OpenStack中国社区,原文链接:http://www.openstack.cn/p353.html,作者Joshua,转载请注明. 在OpenStack世界中,网络组件最初叫no ...
- openstack 网络架构 nova-network + neutron
openstack网络架构(nova-network/neutron) openstack网络体系中,网络技术没有创新,但用到的技术点很庞杂,包含bridge.vlan.gre.vxlan.ovs.o ...
- openstack 网络简史
openstack 网络简史 研究openstack有2个月的时间,这段时间从网上获取N多宝贵资料,对我的学习有非常大帮助,在加上我自己的研究,最终对openstack整个网络体系有了个浅显的认识,写 ...
- OpenStack—neutron组件介绍与安装
neutron介绍 Neutron 概述:传统的网络管理方式很大程度上依赖于管理员手工配置和维护各种网络硬件设备:而云环境下的网络已经变得非常复杂,特别是在多租户场景里,用户随时都可能需要创建.修改和 ...
- OpenStack—nova组件计算服务
nova介绍: Nova 是 OpenStack 最核心的服务,负责维护和管理云环境的计算资源.OpenStack 作为 IaaS 的云操作系统,虚拟机生命周期管理也就是通过 Nova 来实现的. 用 ...
随机推荐
- java身份证计算年龄
技术交流群: 233513714 /** * 根据身份证计算年龄 * * @param idcard * @return */ public static Integer idCardToAge(St ...
- Postman-简单使用(1)
Postman-简单使用(1) Postman-简单使用 Postman-进阶使用 Postman-CI集成Jenkins Postman功能(https://www.getpostman.com/f ...
- Server Message Block
Question: Server Message Block文件共享存储虚拟机的优势是什么? Answer:微软在Windows Server 2012和Hyper-V 3.0中引进了SMB文件共享存 ...
- gprof使用介绍 (gcc -pg) [转]
原文出处: http://blog.csdn.net/unbutun/article/details/6609498 linux服务端编程,性能总是不可避免要思考的问题. 而单机(严格的说是单核)单线 ...
- Percona-Tookit工具包之pt-heartbeat
Preface Replication delay is a common issue in MySQL replications.Especially in those replic ...
- Python全栈工程师(集合、函数)
ParisGabriel 感谢 大家的支持 你们的阅读评价就是我最好的动力 我会坚持把排版内容以及偶尔的错误做的越来越好 每天坚持 一天一篇 点个订阅吧 灰常感谢 ...
- Python全栈工程师(列表、拷贝)
ParisGabriel 感谢 大家的支持 你们的阅读评价就是我最好的更新动力 我会坚持吧排版做的越来越好 每天坚持 一天一篇 点个订阅吧 灰常感谢 当个死粉也阔以 Py ...
- php利用PHPExcel类导出导入Excel用法
PHPExcel类是php一个excel表格处理插件了,下面我来给大家介绍利用PHPExcel类来导入与导出excel表格的应用方法,有需要了解的朋友不防参考参考(PHPExcel自己百度下载这里不介 ...
- php设计模式 工厂模式和单例
1.单例模式//让该类在外界无法造对象//让外界可以造一个对象,做一个静态方法返回对象//在类里面通过让静态变量控制返回对象只能是一个. class cat{ public $name; privat ...
- 【转载】10个最佳ES6特性
译者按: 人生苦短,我用ES6. 原文: Top 10 ES6 Features Every Busy JavaScript Developer Must Know 译者: Fundebug 为了保证 ...